﻿// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.


using IdentityServer4.Models;
using IdentityServer4.Test;
using System.Collections.Generic;
using System.Security.Claims;
using static IdentityServer4.Models.IdentityResources;

namespace IdentityServer
{
    public static class Config
    {
        public static IEnumerable<IdentityResource> IdentityResources =>
            new IdentityResource[]
            {
                new IdentityResources.OpenId(),
                     new IdentityResources.Profile()
               // new Profile(){  UserClaims=new List<string>(){ IdentityModel.JwtClaimTypes.Role} }
               // new ApiResource("api1", "My API",new List<string>(){ IdentityModel.JwtClaimTypes.Role})
            };

        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                new ApiResource("pc_resource", "电脑端"){

                    Scopes={ "pc_scope" },
                    UserClaims={ IdentityModel.JwtClaimTypes.Role},  //添加Cliam 角色类型
                    ApiSecrets={new Secret("pc_resource_secret".Sha256())}
                }
            };
        }

        public static IEnumerable<ApiScope> ApiScopes =>
            new ApiScope[]
            {
              new ApiScope("wechat_scope", "微信端"),
              new ApiScope("pc_scope", "电脑端")
            };

        public static IEnumerable<Client> Clients =>
            new Client[]
            {
                  new Client{  ClientId = "wechat_client",AllowedGrantTypes = GrantTypes.ClientCredentials,
                             ClientSecrets ={new Secret("wechat_secret".Sha256())},AllowedScopes = { "wechat_scope" } },

                 new Client{  ClientId = "pc_client",AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
                             ClientSecrets ={new Secret("pc_resource_secret".Sha256())},AllowedScopes = { "pc_scope" },

                             AlwaysSendClientClaims = true,
                             AllowOfflineAccess = true
                             //all
                             
                            
                           }

            };


        public static List<TestUser> GetUsers()
        {
            return new List<TestUser>(){
                new TestUser  { SubjectId="1",Username="test",Password="test",Claims=new Claim[]
                    {
                        new Claim(ClaimTypes.Role,"test_role")
                    }},
                new TestUser  { SubjectId="2", Username="admin",Password="admin" }
            };
        }
    }
}